Phishing campaign that impersonates FBI director is back
Updated at: Oct 01, 2019
It may sound like a joke, but in this not-so-new phishing scam, cybercriminals are trying to impersonate an FBI director to steal sensitive information, as the Bleeping Computer reported. The malicious email is sent by firstname.lastname@example.org. An extremely suspicious address, isn’t it? In addition, the subject of the email supposedly sent by director Christopher Wray is "Attension: Beneficiary", which is also doubtful.
The email's content also draws attention due to its strangeness. The message says that the recipient has the right to receive an amount of USD 10 million. The reason isn't clear, but it's related to the FBI, the Bank of America and the United Nations financial department, and was approved by them.
“We just got an information from the Bank of America and they have loaded your $10.7 (Ten million seven hundred thousand united state dollars) in CHECK and submit to the CARGO LOGISTICS COURIER DELIVERY SERVICE for immediate delivery to your doorstep”, says the phishing email.
Then the phishing scam continues with the request for personal information, such as full name, address and phone number.
“We request that you reconfirm your mailing address to ensure conformity with our record for immediate dispatch of your parcel to you. Only valid residential/Office address and postal address are certified Ok”.
Besides all that, the malicious email makes available the contact of an FBI special agent called Richard Bowen. His email address is email@example.com. Really? An FBI special agent using a Yahoo address?
Another funny detail (not to say bizarre): the check that will be sent weighs 2 kg (more than 4 pounds), a weight quite unusual for a piece of paper, right?
How phishing emails work
Phishing emails often have common features. In this case, we may point some out, such as the subject urgency, the identity forgery, a super lucrative offer, and spelling and grammar errors.
The most interesting thing to note in this phishing case involving the FBI is that cybercriminals have no limits. They make use of different arguments, tools and strategies to succeed in their scams. Social engineering is one of them.
To get an idea, according to the Internet Crime Report (by the FBI), phishing scams have caused losses of USD 48 million in 2018. Business Email Compromise (BEC) and Email Account Compromise (EAC) attacks, types of spear-phishing, resulted in USD 1.2 billion in losses.
Phishing involving the FBI
Now take a look at the email's full text:
OFFICIAL LETTER FROM FEDERAL BUREAU OF INVESTIGATION FBI
EXECUTIVE DIRECTOR FBI FEDERAL BUREAU OF INVESTIGATION
FBI SEEKING TO WIRETAP INTERNET
We the Federal Bureau of investigation (FBI) through our intelligence-monitoring network have discovered that the transaction that the bank contacted you previously for was legal. Recently the fund has been legally approved to be paid via Bank of America. So, we the Federal Bureau of investigation (FBI) Washington Dc, in conjunction with the United Nations (UN) financial department have investigated through our monitoring network noting you that your transaction with the Bank of America is legal.
You have the legitimate right to complete your transaction to claim your fund $10.7 (Ten million seven hundred thousand united state dollars) Because of so much scam going on Internet. We the Federal Bureau of investigation decided to contact the CARGO LOGISTICS COURIER DELIVERY SERVICE, for They to give us their procedures on how to send this money to you without any further complain or delay. We just got an information from the Bank of America and they have loaded your $10.7 (Ten million seven hundred thousand united state dollars) in CHECK and submit to the CARGO LOGISTICS COURIER DELIVERY SERVICE for immediate delivery to your doorstep. You are required to choose one option, which you will be to pay and also convenient for you,For quick delivery of your parcel containing your "CHECK" and other two original back up documents.
We request that you reconfirm your mailing address to ensure conformity with our record for immediate dispatch of your parcel to you. Only valid residential/Office address and postal address are certified Ok.
DELIVERY DESTINATION INFORMATION:
Receiver's Name: ...................
Delivery Information/ Parcel Description
Delivery Terms: International Delivery
Condition of Delivery: Priority Delivery
Consignment Note No: MI 49866-2110
Color of Parcel: ...Brown.
Total Weight: 2.1 kg
Total Net Weight: 1.7 kg
We are here to protect you from any problem till you receive your package; you can as well get in touch with the CARGO LOGISTICS COURIER DELIVERY SERVICE assigned to deliver this financial package to your doorstep. Below is the delivery company's contact
FORT EXPRESS DISPATCH SERVICE
Assigned Special Agent: Mr.Richard Bowen
Looking forward to hear from you as soon as you receive this message.
Christopher A. Wray